The European Union's General Data Protection Regulation has been the buzz of 2017, and security leaders globally understand the regulation's basics - the 72-hour breach reporting mandate, the May 2018 enforcement date and the non-compliance penalty of up to 4 percent of annual global revenue or 20 million euros (whichever is greater). But what about GDPR's obligations for data anonymization, trans-border data transfers, appointment of data protection officers and - most significantly - the "right to be forgotten," which requires organizations to grant any European citizens' requests for personal data to be deleted from the organizations' information systems?
This "right to be forgotten" raises several potential show-stopping questions. Do you even know what data you collect, why you collect it and how it is secured and stored? How will you respond when a European citizen requests you to share and delete all of that citizen's personal data you ever have collected - even in backup files? During this panel discussion, our experts will explore what steps need to be taken by your organization now to ensure proper data security and adequate preparation for the GDPR enforcement date.